Blog
Articles
Tutorials and notes with Markdown, syntax-highlighted code blocks, and LaTeX math when we need it.
Unmasking Malware Safely: Emulation and Capability Analysis with Speakeasy & Capa
Ever wondered what a malicious payload actually does behind the scenes? In this walkthrough, we dissect a Windows executable named brbbot.exe using a safe Linux environment. By leveraging FireEye’s Speakeasy emulator and Capa, we extract hidden API calls, uncover command-and-control capabilities, and map out the malware's attack strategy—all without putting our own systems at risk.
Deconstructing the Blueprint: A Step-by-Step Guide to Dynamic Malware Analysis
Step inside the isolated sandbox. Learn how to securely configure host-only virtual environments, trick malicious code using FakeDNS, and capture runtime footprints with Process Monitor and Wireshark.
Unmasking the Malware: A Step-by-Step Guide to Reverse Engineering Malicious
Malicious Windows shortcuts are a favorite tool for attackers looking to sneak onto your system undetected. Dive deep as we dissect a live sample using Wireshark, Process Hacker, and PE Studio to reveal exactly what's hidden inside.
Beyond the Source Code: What Happens When Your C++ Hits a Reverse Engineering Tool?
Ever wonder what your simple "Hello World" looks like under a microscope? Join us as we compile a basic C++ script, pivot from compiler flags to x64dbg, and hunt for our real main function amidst system DLLs.
Reverse Engineering: Debugging a C++ Executable with x64dbg
Explore the step-by-step process of reverse engineering a simple C++ program. Learn how to identify the main entry point, set breakpoints, and analyze registers and memory using x64dbg.
The Ultimate Reverse Engineering & Malware Analysis Resource Stack
A curated guide to the best reverse engineering and malware analysis resources, including learning paths, tools, malware sample repositories, sandboxes, threat intelligence platforms, and hands-on practice labs for beginners and advanced analysts.